You’ve learned about individual secret management techniques, but the real power comes from combining them. In this final post of the series, I’ll show you how to layer multiple approaches to create defense-in-depth security that actually works in practice. Through real-world examples – from GitHub Actions to dev containers – you’ll see how to transform isolated techniques into comprehensive strategies that protect your secrets at every level.

What if you could eliminate static secrets entirely? That’s the promise of modern cloud-native approaches, but they come with their own tradeoffs. In this second post of the series, I’ll take you beyond traditional storage methods to explore federated identities, managed identities, and secret vaults. You’ll learn when each approach makes sense and how to protect yourself from the new attack vectors they introduce.

Every application needs secrets, but keeping them secure while making them available when needed is tricky! In this first post of the series, I’ll walk you through common storage approaches – from simple files to hardware security modules – exploring their strengths, weaknesses, and how to make each one more secure.